Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reset your account password - form not expire #81

Open
Jagy2014 opened this issue Jul 16, 2015 · 1 comment
Open

Reset your account password - form not expire #81

Jagy2014 opened this issue Jul 16, 2015 · 1 comment
Labels
enhancement
Milestone
Version 3.2

Comments

@Jagy2014
Copy link

When user request new password, and not reset it. Link work all the time. It should expire after x hours / days.
@mangopik mangopik added this to the Version 3.2 milestone Jul 17, 2015
@Jagy2014
Copy link
Author

I consider this as a bug.
You allready have this in auth.php, but it does not work.

/*
Password Reminder Settings
--------------------------------------------------------------------------

|
| Here you may set the settings for password reminders, including a view
| that should be used as your password reminder e-mail. You will also
| be able to set the name of the table that holds the reset tokens.
|
| The "expire" time is the number of minutes that the reminder should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/

'reminder' => array(

    'email' => 'emails.auth.reminder',

    'table' => 'password_reminders',

    'expire' => 60,

),

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
Version 3.2
Development

No branches or pull requests
2 participants
@mangopik @Jagy2014